29. oktober 2019 - 9:00
Del det på:

Identity & Access Control for modern Applications and APIs using ASP.NET Core 2 - 29-30 October 2019 | Scandic Nidelven | tysdag, 29. oktober 2019

Modern application design has changed quite a bit in recent years.
"Mobile-first" and "cloud-ready" are the types of applications you are expected to develop. Also, to keep pace with these demands, Microsoft has revamped their complete web stack with ASP.NET Core to meet these architectural demands.



Needless to say, you also have to secure these apps.
Multi-platform, multi-client, and highly-mobile users bring a new set of challenges, so the approaches of the past are no longer appropriate for modern applications. This two day workshop is your chance to dive into all things security related to these new technologies. Learn how to securely connect native and browser-based applications to your back-ends and integrate them with enterprise identity management systems as well as social identity providers and services.
This workshop covers everything you need to know to build modern and secure web, native & mobile applications. The foundation will be Microsoft's latest technology stack but will also include IdentityServer4, which is the officially recommended framework for building token services.
Technologies covered:
.NET Core, ASP.NET Core, MVC, Web APIs, Claims, OpenID Connect, OAuth 2.0, WS-Federation, SAML, JSON Web Tokens, Single Sign-on and off, Federation, Delegation, Home Realm, Discovery, CORS
Day 1: Foundation & Authentication

Identity & Access Control in .NET Core
ASP.NET Core Security Framework

Claims-based Identity
Cookie-based Authentication
Social Logins (e.g. Google, Facebook, Twitter, etc.)
OpenID Connect
Data Protection
Authorization


Web Application Patterns

Single Sign On / Single Sign Off
Claims Transformation
Federation Gateway
Account & Identity Linking
Home Realm Discovery



Day 2: Web APIs & Access Control

Securing APIs

Architecture & Scenarios
Token-based Authentication


OAuth 2.0

Clients
Scopes
Flows
Token lifetime management
Refresh tokens


OpenID Connect & OAuth 2.0 combined

Server to Server communication
Native & mobile Applications
SPAs
Custom credentials & token requests



Computer Setup:
Attendees will need to bring a computer with Visual Studio 2017